Alright- an update. I'm a novice with nginx (and Shiny Server for that matter), but here's what I did, which seems to be working:
- instead of adding the following code block to nginx.conf (again; as recommended in this recent rstudio support post),
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
location / {
proxy_pass http://localhost:3838;
proxy_redirect / $scheme://$http_host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d; proxy_buffering off;
}
}
}
it was instead necessary to add just the mapping block (ie "map $http_...") to nginx.conf, separating the location/ {...} logic to a new site configuration file, or more precisely:
nginx.conf:
.
.
.
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
.
.
And then for the site configuration, to unlink the default site configuration file which ships with nginx:
sudo unlink /etc/nginx/sites-enabled/default
create a new configuration file, eg:
sudo vim please_proxy_my_shiny_server.conf
with this new file containing the following:
please_proxy_my_shiny_server.conf:
server_name my_domain.com www.my_domain.com;
location / {
# block added from rstudio support doc
proxy_pass http://localhost:3838;
proxy_redirect / $scheme://$http_host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
proxy_buffering off;
}
and then finally update the symlink:
sudo ln -s /etc/nginx/sites-available/please_proxy_my_shiny_server.conf /etc/nginx/sites-enabled/please_proxy_my_shiny_server.conf
then restart everything. On ubuntu:
sudo systemctl reload nginx
And btw, certbot seemed to be able to handle the upgrade to SSL just fine, autoediting my site config file to handle https without issue, which happened via a command sequence like this:
sudo apt-get update
sudo apt-get install python-certbot-nginx
sudo certbot --nginx -d my_domain.com -d www.my_domain.com
I'll leave this post open for a day or three until I'm sure this is indeed a solution and/or if anyone knowledgeable cares to weigh in.